Directitfast.com

16 May 2009 12:17:47

Hello, as advised in my other topic in sound/video (http://www.infos-du-net.com/forum/275736-20-ipod-itunes... ), I'm first going to deal with a virus problem.

Recently I was infected by a virus that redirected all my Google links and others to various pages. Thanks to Avast, I managed to more or less fix the problem; there are no more problems now, apart from the fact that every 5 minutes it blocks an intrusion from a site, directitfast.com. The scans find nothing.

The problem doesn't bother me all that much; it's just that I would still like to get rid of it.

Thanking you in advance,

Regards. :hello:

16 May 2009 17:36:16

Hello,

Download Random's System Information Tool (RSIT) (by random/random) and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized in the Taskbar)
  • NB: The reports are saved in the C:\rsit folder
  • Be sure to post the reports in full; check that they are complete once you have posted them.

17 May 2009 19:40:26

Thanks for the help!

Log.txt
Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-17 19:37:15
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 73 GB (86%) free of 84 GB
    Total RAM: 1023 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:37:39, on 17/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\trend micro\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: ChkDisk.lnk = ? (User 'SYSTEM')
    O4 - .DEFAULT Startup: ChkDisk.lnk = ? (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O20 - AppInit_DLLs: C:\WINDOWS\system32\palozora.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 7787 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
    FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
    ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\WINDOWS\system32\palozora.dll "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\WINDOWS\system32\palozora.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Video3D.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Video3D.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\GameFace Messenger\GameFace.exe"="C:\Program Files\GameFace Messenger\GameFace.exe:*:Enabled:IM"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
    "C:\WINDOWS\Temp\beajxxl7.exe"="C:\WINDOWS\Temp\beajxxl7.exe:*:Enabled:beajxxl7"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
    "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:rundll32"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d73d3398-4239-11de-acd1-000e35a670f9}]
    shell\Auto\command - H:\PegeFile.pif
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PegeFile.pif


    ======List of files/folders created in the last 1 months======

    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:05 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VACFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swsc.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swreg.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\Process.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5
    2009-04-23 14:59:01 ----D---- C:\Program Files\Adobe Photoshop CS3
    2009-04-23 14:58:52 ----A---- C:\Program Files\unins000.exe
    2009-04-23 14:58:52 ----A---- C:\Program Files\Photoshop.exe
    2009-04-22 18:56:48 ----D---- C:\Documents and Settings\Alain\Application Data\Canon
    2009-04-22 18:32:39 ----A---- C:\WINDOWS\OpPrintServer.INI
    2009-04-22 18:30:36 ----D---- C:\Program Files\Canon

    ======List of files/folders modified in the last 1 months======

    2009-05-17 03:26:16 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp
    2009-05-05 21:06:38 ----ASH---- C:\WINDOWS\system32\lomugiti.exe
    2009-04-25 14:30:28 ----A---- C:\WINDOWS\NeroDigital.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------



Info.txt
Quote:
    info.txt logfile of random's system information tool 1.06 2009-05-17 19:37:41

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop CS3 extended-->"C:\Program Files\unins000.exe"
    Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
    ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c
    ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll"
    ASUS VideoSecurity Online-->c:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD}
    Asus_A6_ScreenSaver-->C:\WINDOWS\Asus_A6_ScreenSaver.scr /u
    ASUSDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BisonCam, USB2.0-->C:\WINDOWS\Bs350u2r.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1036
    Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
    Canon Camera Window DSLR 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
    Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{36C65B50-37BA-4467-AAD5-0523EFDF6F62}
    Canon EOS Kiss_N REBEL_XT 350D Pilote WIA -->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4} /l1036
    CANON iMAGE GATEWAY Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5B03B93F-1B32-4509-9CA6-4BB33E9987EF}
    Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D0E8C34D-19D2-49FD-A900-88DEB788FF86}
    Canon PhotoRecord-->MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
    Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
    Canon Utilities Digital Photo Professional 2.0-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{17BF3045-AB1D-4048-8356-6C584B83565E} /l1036
    Canon Utilities EOS Capture 1.5-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}
    Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
    Canon ZoomBrowser EX (F)-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    FlashGet 2.0-->C:\Program Files\FlashGet Network\FlashGet universal\uninst.exe
    Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
    HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marsu-Fix 2.6-->"C:\WINDOWS\Marsu-Fix 2.6 Uninstaller.exe"
    mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
    mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mEoU.msi-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{7CD7A451-7224-49C8-95EF-9A1859C66607}
    NB Probe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
    Nero 7 Essentials-->MsiExec.exe /X{8A8C4EAC-9AB7-45FA-9480-5716FD261036}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
    Wireless Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090509-0] (outdated)

    ======System event log======

    Computer Name: NOM-B2CB54442BD
    Event Code: 9
    Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti.

    Record Number: 7823
    Source Name: atapi
    Time Written: 20090509165055.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 9
    Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti.

    Record Number: 7822
    Source Name: atapi
    Time Written: 20090509165055.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 9
    Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti.

    Record Number: 7821
    Source Name: atapi
    Time Written: 20090509165055.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 9
    Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti.

    Record Number: 7820
    Source Name: atapi
    Time Written: 20090509165055.000000+120
    Event Type: erreur
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 9
    Message: Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai imparti.

    Record Number: 7819
    Source Name: atapi
    Time Written: 20090509165055.000000+120
    Event Type: erreur
    User:

    =====Application event log=====

    Computer Name: NOM-B2CB54442BD
    Event Code: 100
    Message: wuauclt (3604) Le moteur de base de données 5.01.2600.2180 est démarré.

    Record Number: 841
    Source Name: ESENT
    Time Written: 20090428174958.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 0
    Message:
    Record Number: 840
    Source Name: iPod Service
    Time Written: 20090428174914.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 839
    Source Name: SecurityCenter
    Time Written: 20090428174913.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 1
    Message:
    Record Number: 838
    Source Name: Bonjour Service
    Time Written: 20090428174912.000000+120
    Event Type: Informations
    User:

    Computer Name: NOM-B2CB54442BD
    Event Code: 0
    Message:
    Record Number: 837
    Source Name: RegSrvc
    Time Written: 20090428174912.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=0d06
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------



    a b 8 Sécurité
    17 Mai 2009 20:16:59

    We'll start with a little cleanup.

    Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:

    - If the program found nothing, click OK. A report will appear; close it.
    - If infections are present, click "Show Results", then "Remove Selected". Save the report to your Desktop.
    - Restart your computer normally and post the report in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you can't download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in safe mode.
    18 Mai 2009 00:46:33

    That's what I had done several times before; it had detected several things, which I deleted. I just ran another one just in case, and it detects nothing.
    a b 8 Sécurité
    18 Mai 2009 17:17:43

    Let's get to it, then.

    Download OTMoveIt3 (by OldTimer). Save it to your Desktop.
    Copy (Ctrl+C) the text in the box below:

    :processes
    explorer.exe

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=""

    :files
    C:\WINDOWS\system32\palozora.dll

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


    Double-click OTMoveIt3.exe to launch it.
    Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
    Now click the MoveIt! button, then close OTMoveIt3.

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the moment it was created: date_time.log

    &

    Uninstall via Add/Remove Programs (if present):
  • Avast!

    Download and run the Avast! uninstaller.
    This will erase most traces of the Avast! product from Alwil Software.

    Download CCleaner to your Desktop.

  • Click "download the latest version"
  • Install it, leaving only the following options checked:
    - Add a shortcut to the Desktop
    - Automatically check for CCleaner updates
  • Run the cleanup
  • Click Scan for Issues and make a backup if you wish.

    Help: How to use CCleaner.

    &

    Download AntiVir to your Desktop.

  • Double-click the downloaded executable to start the installation.
  • At the end of the installation, click Finish.
  • Open AntiVir and make sure it is fully up to date!
  • In the Local Protection tab, choose Scan.
  • Enable the rootkit search via the + next to Rootkit Search, then under Manual Selection, check everything (your hard disk partitions).
  • Click the middle magnifying glass to launch the scan as Administrator.
  • Post me the generated report: to do so, click the Overview tab, then choose Reports; you will find the report there.
  • Select the report and click the "Display the report file of the selected report" icon.

    Note: For more effective eradication of threats, run the scan in safe mode.

    Why switch? Avast vs Antivir.

    Help: How to install and use AntiVir.
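The fix script above clears AppInit_DLLs, one of several autostart load points that a HijackThis log lists. As an added example (not part of the original posts, and not code from HijackThis, RSIT or OTMoveIt3), this Python script triages the O2, O4, O20 and O22 lines of such a log. The rule names, the heuristics and every sample entry except the palozora.dll path from the fix script are assumptions made for illustration.

```python
import re

# Constructed sample in HijackThis line format; only the palozora.dll path
# comes from the fix script in this thread, every other name is made up.
SAMPLE_LOG = r"""
O2 - BHO: C:\WINDOWS\system32\sample_bho.dll - {11111111-2222-3333-4444-555555555555} - C:\WINDOWS\system32\sample_bho.dll
O2 - BHO: Sample Reader Helper - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\Program Files\Sample\helper.dll
O4 - HKLM\..\Run: [SampleTray] "C:\Program Files\Sample\tray.exe" /min
O4 - HKCU\..\Run: [sample] rundll32.exe C:\DOCUME~1\User\sample.dll,EntryPoint
O4 - HKUS\S-1-5-18\..\Run: [sample2] C:\WINDOWS\TEMP\_sample2.exe (User 'SYSTEM')
O20 - AppInit_DLLs: C:\WINDOWS\system32\palozora.dll
O20 - Winlogon Notify: sample3 - C:\WINDOWS\system32\sample3.dat
O22 - SharedTaskScheduler: sample - {11111111-2222-3333-4444-555555555555} - C:\WINDOWS\system32\sample_bho.dll
"""

CLSID = r"\{[0-9A-Fa-f-]{36}\}"
LINE = re.compile(r"\s*([A-Z]\d+) - (.*)")
BHO = re.compile(r"BHO: (.+?) - (" + CLSID + r") - (.+)$")
RUN = re.compile(r"(.+?)\\\.\.\\Run\w*: \[(.*?)\] (.*)$")
RUNDLL = re.compile(r'"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(.+)', re.I)
NOTIFY = re.compile(r"Winlogon Notify: (.+?) - (.+)$")
# Heuristic: profile and temp directories are unusual homes for autostart binaries.
USER_WRITABLE = re.compile(r"\\(DOCUME~1|Documents and Settings|TEMP)\\", re.I)


def triage(log):
    """Return a list of (rule, detail) findings for the autostart lines in log."""
    findings, clsid_seen = [], {}
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        section, body = m.group(1), m.group(2).strip()
        c = re.search(CLSID, body)
        if c:
            clsid_seen.setdefault(c.group(0).upper(), set()).add(section)
        if section == "O2":
            b = BHO.match(body)
            # A BHO listed under its own file path carries no friendly name.
            if b and b.group(1).lower() == b.group(3).lower():
                findings.append(("bho-unnamed", b.group(3)))
        elif section == "O4":
            r = RUN.match(body)
            if not r:
                continue  # Startup-folder shortcuts are not handled here
            cmd = re.sub(r"\s+\(User '[^']*'\)$", "", r.group(3))
            d = RUNDLL.match(cmd)
            # For rundll32 the interesting file is the DLL it is told to load.
            payload = d.group(1).split(",")[0].strip('"') if d else cmd
            if USER_WRITABLE.search(payload):
                findings.append(("run-user-writable",
                                 "[%s] %s" % (r.group(2), payload)))
        elif section == "O20":
            if body.startswith("AppInit_DLLs:"):
                # A non-empty value is loaded into every process that loads user32.dll.
                value = body.split(":", 1)[1].strip()
                if value:
                    findings.append(("appinit-dlls", value))
            else:
                n = NOTIFY.match(body)
                # Winlogon notification packages are DLLs; anything else is odd.
                if n and not n.group(2).lower().endswith(".dll"):
                    findings.append(("winlogon-notify-non-dll", n.group(2)))
    # The same CLSID registered as both BHO and SharedTaskScheduler entry.
    for clsid, sections in sorted(clsid_seen.items()):
        if {"O2", "O22"} <= sections:
            findings.append(("clsid-in-O2-and-O22", clsid))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print("%-26s %s" % (rule, detail))
```

A finding is a prompt to inspect the file, not a verdict; legitimate software occasionally autostarts from a profile directory.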
    18 Mai 2009 19:04:54

    OTmoveit:

    Quote:
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
    ========== FILES ==========
    File/Folder C:\WINDOWS\system32\palozora.dll not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Alain\LOCALS~1\Temp\etilqs_DyKEAKEFsDfn41BUvELJ scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_314.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\XUL.mfl scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05182009_182404

    Files moved on Reboot...
    File C:\DOCUME~1\Alain\LOCALS~1\Temp\etilqs_DyKEAKEFsDfn41BUvELJ not found!
    File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
    C:\WINDOWS\temp\Perflib_Perfdata_314.dat moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\XUL.mfl moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\urlclassifier3.sqlite moved successfully.


    Avira:

    Quote:


    Avira AntiVir Personal
    Date de création du fichier de rapport : lundi 18 mai 2009 18:45

    La recherche porte sur 1400055 souches de virus.

    Détenteur de la licence :Avira AntiVir PersonalEdition Classic
    Numéro de série : 0000149996-ADJIE-0001
    Plateforme : Windows XP
    Version de Windows :( Service Pack 2) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : Alain
    Nom de l'ordinateur :NOM-B2CB54442BD

    Informations de version :
    BUILD.DAT : 8.2.0.53 17752 Bytes 23/03/2009 13:45:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:02
    AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:28
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:18
    LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:28
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:38
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 16:41:42
    ANTIVIR2.VDF : 7.1.3.185 2010112 Bytes 12/05/2009 16:41:48
    ANTIVIR3.VDF : 7.1.3.223 172544 Bytes 18/05/2009 16:41:50
    Version du moteur: 8.2.0.168
    AEVDF.DLL : 8.1.1.1 106868 Bytes 18/05/2009 16:42:00
    AESCRIPT.DLL : 8.1.2.0 389497 Bytes 18/05/2009 16:42:00
    AESCN.DLL : 8.1.2.3 127347 Bytes 18/05/2009 16:41:58
    AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:40
    AEPACK.DLL : 8.1.3.16 397686 Bytes 18/05/2009 16:41:58
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 18/05/2009 16:41:56
    AEHEUR.DLL : 8.1.0.129 1761655 Bytes 18/05/2009 16:41:56
    AEHELP.DLL : 8.1.2.2 119158 Bytes 18/05/2009 16:41:54
    AEGEN.DLL : 8.1.1.44 348532 Bytes 18/05/2009 16:41:52
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:58
    AECORE.DLL : 8.1.6.9 176500 Bytes 18/05/2009 16:41:52
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:58
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:04
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:28:00
    AVREP.DLL : 8.0.0.3 155688 Bytes 18/05/2009 16:41:50
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:38
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:20
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:48
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:04
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:38
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:08
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:18
    RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:44

    Configuration pour la recherche actuelle :
    Nom de la tâche..................: Sélection manuelle
    Fichier de configuration.........: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Documentation....................: bas
    Action principale................: interactif
    Action secondaire................: ignorer
    Recherche sur les secteurs d'amorçage maître: marche
    Recherche sur les secteurs d'amorçage: marche
    Secteurs d'amorçage..............: C:, D:,
    Recherche dans les programmes actifs: marche
    Recherche en cours sur l'enregistrement: marche
    Recherche de Rootkits............: arrêt
    Fichier mode de recherche........: Sélection de fichiers intelligente
    Recherche sur les archives.......: marche
    Limiter la profondeur de récursivité: 20
    Archive Smart Extensions.........: marche
    Heuristique de macrovirus........: marche
    Heuristique fichier..............: moyen

    Début de la recherche : lundi 18 mai 2009 18:45

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'FIREFOX.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ATKOSD.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ChkMail.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MSNMSGR.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'CTFMON.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WINAMPA.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'EOUWiz.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iFrmewrk.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ATIPTAXX.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WCOURIER.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'NBProbe.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'BatteryLife.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ALU.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'RTHDCPL.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'HControl.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ALG.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'WMIPRVSE.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'WSCNTFY.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'WDFMGR.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SPMGR.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'OProtSvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Eset_TrialReset_serv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ATKKBService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche '1XConfig.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SPOOLSV.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'EXPLORER.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ATI2EVXX.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ZCfgSvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SVCHOST.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ATI2EVXX.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'LSASS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SERVICES.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'WINLOGON.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'CSRSS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'SMSS.EXE' - '1' module(s) sont contrôlés
    '55' processus ont été contrôlés avec '55' modules

    La recherche sur les secteurs d'amorçage maître commence :

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence.
    Le registre a été contrôlé ( '60' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\'
    C:\hiberfil.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\WINDOWS\system32\lomugiti.exe
    [RESULTAT] Contient le cheval de Troie TR/Vundo.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a7e917b.qua' !
    Recherche débutant dans 'D:\'


    Fin de la recherche : lundi 18 mai 2009 19:02
    Temps nécessaire: 16:33 Minute(s)

    La recherche a été effectuée intégralement

    4073 Les répertoires ont été contrôlés
    120960 Des fichiers ont été contrôlés
    1 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    1 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    2 Impossible de contrôler des fichiers
    120957 Fichiers non infectés
    7100 Les archives ont été contrôlées
    2 Avertissements
    1 Consignes




    Avira detected a problem, which I put in quarantine.
    19 Mai 2009 00:36:25

    After uninstalling Avast and installing AntiVir, I'm seeing some of the earlier symptoms again, namely some pages not displaying and a few being redirected... But before installing Avast! I had installed this same AntiVir, and since I saw that it wasn't working, I installed Avast...
    a b 8 Sécurité
    19 Mai 2009 17:30:20

    Run an RIST scan again.
    19 Mai 2009 18:06:30

    RIST?

    EDIT: I'm running another scan with Avira; it has already found 4..
    a b 8 Sécurité
    19 Mai 2009 20:09:29

    RSIT, sorry.
    19 Mai 2009 20:48:22

    This time I only have log.txt:

    Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-19 20:47:31
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 73 GB (86%) free of 84 GB
    Total RAM: 1023 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:47:33, on 19/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    \?\globalroot\C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\trend micro\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: C:\WINDOWS\system32\afnoinkdsfe.dll - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\afnoinkdsfe.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [autochk] rundll32.exe C:\DOCUME~1\Alain\protect.dll,_IWMPEvents@16
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [A00FE38FD.exe] C:\WINDOWS\TEMP\_A00FE38FD.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [autochk] rundll32.exe C:\DOCUME~1\NETWOR~1\protect.dll,_IWMPEvents@16 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O20 - Winlogon Notify: __c00AEE56 - C:\WINDOWS\system32\__c00AEE56.dat
    O22 - SharedTaskScheduler: sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\afnoinkdsfe.dll
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 8183 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2BA40A1-74F3-42BD-F434-12345A2C8953}]
    C:\WINDOWS\system32\afnoinkdsfe.dll - C:\WINDOWS\system32\afnoinkdsfe.dll [2009-05-18 15000]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "autochk"=C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16 []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "autochk"=C:\DOCUME~1\Alain\protect.dll,_IWMPEvents@16 []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
    ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00AEE56]
    C:\WINDOWS\system32\__c00AEE56.dat [2009-05-19 28160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\afnoinkdsfe.dll [2009-05-18 15000]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\WINDOWS\system32\palozora.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Video3D.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Video3D.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\GameFace Messenger\GameFace.exe"="C:\Program Files\GameFace Messenger\GameFace.exe:*:Enabled:IM"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
    "C:\WINDOWS\Temp\beajxxl7.exe"="C:\WINDOWS\Temp\beajxxl7.exe:*:Enabled:beajxxl7"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
    "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:rundll32"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d73d3398-4239-11de-acd1-000e35a670f9}]
    shell\Auto\command - H:\PegeFile.pif
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PegeFile.pif


    ======List of files/folders created in the last 1 months======

    2009-05-19 20:20:05 ----ASH---- C:\ARK1F.tmp
    2009-05-19 18:19:18 ----ASH---- C:\ARK1D.tmp
    2009-05-19 18:19:18 ----A---- C:\ARK30.tmp
    2009-05-18 19:20:59 ----ASH---- C:\ARK1C.tmp
    2009-05-18 19:06:04 ----A---- C:\WINDOWS\system32\p2hhr.bat
    2009-05-18 19:05:59 ----A---- C:\WINDOWS\system32\afnoinkdsfe.dll
    2009-05-18 19:05:58 ----A---- C:\WINDOWS\system32\ak1.exe
    2009-05-18 18:40:39 ----D---- C:\Program Files\Avira
    2009-05-18 18:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-05-18 18:24:04 ----D---- C:\_OTMoveIt
    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VACFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swsc.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swreg.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\Process.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5
    2009-04-23 14:59:01 ----D---- C:\Program Files\Adobe Photoshop CS3
    2009-04-23 14:58:52 ----A---- C:\Program Files\unins000.exe
    2009-04-23 14:58:52 ----A---- C:\Program Files\Photoshop.exe
    2009-04-22 18:56:48 ----D---- C:\Documents and Settings\Alain\Application Data\Canon
    2009-04-22 18:32:39 ----A---- C:\WINDOWS\OpPrintServer.INI
    2009-04-22 18:30:36 ----D---- C:\Program Files\Canon

    ======List of files/folders modified in the last 1 months======

    2009-05-19 14:04:34 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp
    2009-04-25 14:30:28 ----A---- C:\WINDOWS\NeroDigital.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------
    20 Mai 2009 18:37:59

    Hi again,

    Copy (Ctrl+C) the text in the box below:

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2BA40A1-74F3-42BD-F434-12345A2C8953}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00AEE56]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    "sdfsefsfdvdubgiungfuyd"=-

    :files
    C:\WINDOWS\system32\__c00AEE56.dat
    C:\WINDOWS\system32\afnoinkdsfe.dll
    C:\WINDOWS\system32\ak1.exe

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


    Double-click OTMoveIt3.exe to launch it.
    Paste (Ctrl+V) the text you copied into the box labelled Paste Instructions for Items to be Moved.
    Now click the MoveIt! button, then close OTMoveIt3.

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the moment it was created: date_time.log
    20 Mai 2009 21:37:56

    Quote:
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2BA40A1-74F3-42BD-F434-12345A2C8953}\\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00AEE56\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler\\sdfsefsfdvdubgiungfuyd not found.
    ========== FILES ==========
    File move failed. C:\WINDOWS\system32\__c00AEE56.dat scheduled to be moved on reboot.
    C:\WINDOWS\system32\afnoinkdsfe.dll NOT unregistered.
    C:\WINDOWS\system32\afnoinkdsfe.dll moved successfully.
    C:\WINDOWS\system32\ak1.exe moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Alain\LOCALS~1\Temp\nsrbgxod.bak scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Alain\LOCALS~1\Temp\etilqs_IP4hKdTiUwYyz0IQ8NNO scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Alain\LOCALS~1\Temp\~DFF775.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\msb.dll scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\nsrbgxod.bak scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\XUL.mfl scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05202009_213449

    Files moved on Reboot...
    C:\WINDOWS\system32\__c00AEE56.dat moved successfully.
    C:\DOCUME~1\Alain\LOCALS~1\Temp\nsrbgxod.bak moved successfully.
    File C:\DOCUME~1\Alain\LOCALS~1\Temp\etilqs_IP4hKdTiUwYyz0IQ8NNO not found!
    C:\DOCUME~1\Alain\LOCALS~1\Temp\~DFF775.tmp moved successfully.
    DllUnregisterServer procedure not found in C:\WINDOWS\temp\msb.dll
    C:\WINDOWS\temp\msb.dll NOT unregistered.
    C:\WINDOWS\temp\msb.dll moved successfully.
    C:\WINDOWS\temp\nsrbgxod.bak moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\XUL.mfl moved successfully.
    C:\Documents and Settings\Alain\Local Settings\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\urlclassifier3.sqlite moved successfully.
    21 Mai 2009 13:18:09

    Run another RSIT scan :)
    21 Mai 2009 23:01:38

    Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-21 23:01:15
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 72 GB (85%) free of 84 GB
    Total RAM: 1023 MB (56% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:01:19, on 21/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    \?\globalroot\C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\trend micro\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [autochk] rundll32.exe C:\DOCUME~1\Alain\protect.dll,_IWMPEvents@16
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [A00FE38FD.exe] C:\WINDOWS\TEMP\_A00FE38FD.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [autochk] rundll32.exe C:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O22 - SharedTaskScheduler: sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\afnoinkdsfe.dll (file missing)
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 8041 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "autochk"=C:\WINDOWS\system32\autochk.dll [2009-05-21 23552]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "autochk"=C:\DOCUME~1\Alain\protect.dll [2009-05-19 23552]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
    ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\afnoinkdsfe.dll []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\WINDOWS\system32\palozora.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Video3D.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Video3D.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\GameFace Messenger\GameFace.exe"="C:\Program Files\GameFace Messenger\GameFace.exe:*:Enabled:IM"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
    "C:\WINDOWS\Temp\beajxxl7.exe"="C:\WINDOWS\Temp\beajxxl7.exe:*:Enabled:beajxxl7"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
    "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:rundll32"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d73d3398-4239-11de-acd1-000e35a670f9}]
    shell\Auto\command - H:\PegeFile.pif
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PegeFile.pif

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df824f9a-4629-11de-ace0-000e35a670f9}]
    shell\AutoRun\command - "H:\Install FreeAgent Tools.exe" /run


    ======List of files/folders created in the last 1 months======

    2009-05-21 20:01:27 ----D---- C:\Documents and Settings\Alain\Application Data\vlc
    2009-05-21 20:00:54 ----D---- C:\Program Files\VideoLAN
    2009-05-21 02:07:05 ----D---- C:\Documents and Settings\Alain\Application Data\DivX
    2009-05-21 01:29:05 ----A---- C:\WINDOWS\system32\lmn_setup.exe
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-05-20 14:05:56 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 14:05:56 ----D---- C:\Program Files\DivX
    2009-05-20 09:40:21 ----A---- C:\WINDOWS\system32\service-466.exe
    2009-05-19 22:45:29 ----ASH---- C:\WINDOWS\system32\autochk.dll
    2009-05-18 19:06:04 ----A---- C:\WINDOWS\system32\p2hhr.bat
    2009-05-18 18:40:39 ----D---- C:\Program Files\Avira
    2009-05-18 18:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-05-18 18:24:04 ----D---- C:\_OTMoveIt
    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VACFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swsc.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swreg.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\Process.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5
    2009-04-23 14:59:01 ----D---- C:\Program Files\Adobe Photoshop CS3
    2009-04-23 14:58:52 ----A---- C:\Program Files\unins000.exe
    2009-04-23 14:58:52 ----A---- C:\Program Files\Photoshop.exe
    2009-04-22 18:56:48 ----D---- C:\Documents and Settings\Alain\Application Data\Canon
    2009-04-22 18:32:39 ----A---- C:\WINDOWS\OpPrintServer.INI
    2009-04-22 18:30:36 ----D---- C:\Program Files\Canon

    ======List of files/folders modified in the last 1 months======

    2009-05-21 19:43:40 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-21 02:51:46 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------
    22 May 2009 17:44:17

    Run CCleaner (Files & Registry).

    &

    Run an online antivirus scan at Kaspersky using Internet Explorer.

  • Allow the ActiveX controls.
  • Click Start Online Scanner.
  • Select My Computer as the scan target. Save the report in .txt format.
  • Paste the report here.
  • Post a new HijackThis report.

    Help: How to run an online scan with Kaspersky.
    23 May 2009 18:51:58

    !!! I had left my PC running, and when I came back I saw that it had installed a piece of software that turns out to be a virus, "Malware Doctor". Since then I get constant scans, and little balloons that keep reminding me that I am using an unregistered version of Malware Doctor... My wallpaper has also changed, with a flashing "Warning" message in the background...
    I am having more and more trouble using the computer...

    I can't run the Kaspersky scan with IE.. I'm missing Java, which I can't manage to download because of the redirections...
    24 May 2009 13:45:02

    Run another RSIT scan so we can see.
    24 May 2009 15:36:56

    Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-24 15:36:32
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 69 GB (82%) free of 84 GB
    Total RAM: 1023 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:36:35, on 24/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\System32\avast!Antivirus.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\LocalService\Application Data\916653139.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    \?\globalroot\C:\WINDOWS\system32\rundll32.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\trend micro\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Microsoft copyright - {F30B5E7E-CFBB-44fb-A947-226E5A7A4290} - jhxm32.dll (file missing)
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Malware Doctor] C:\Documents and Settings\LocalService\Application Data\916653139.exe
    O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Malware Doctor] C:\Documents and Settings\LocalService\Application Data\916653139.exe
    O4 - HKCU\..\Run: [autochk] rundll32.exe C:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [A00FE38FD.exe] C:\WINDOWS\TEMP\_A00FE38FD.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [autochk] rundll32.exe C:\DOCUME~1\NETWOR~1\protect.dll,_IWMPEvents@16 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: ChkDisk.dll (User 'SYSTEM')
    O4 - S-1-5-18 Startup: ChkDisk.lnk = ? (User 'SYSTEM')
    O4 - .DEFAULT Startup: ChkDisk.dll (User 'Default user')
    O4 - .DEFAULT Startup: ChkDisk.lnk = ? (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast!Antivirus - Unknown owner - C:\WINDOWS\System32\avast!Antivirus.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 8645 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F30B5E7E-CFBB-44fb-A947-226E5A7A4290}]
    Microsoft copyright - C:\WINDOWS\system32\jhxm32.dll [2009-05-23 29184]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "Malware Doctor"=C:\Documents and Settings\LocalService\Application Data\916653139.exe [2009-05-23 96768]
    "autochk"=C:\WINDOWS\system32\autochk.dll [2009-05-24 23552]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "Malware Doctor"=C:\Documents and Settings\LocalService\Application Data\916653139.exe [2009-05-23 96768]
    "autochk"=C:\DOCUME~1\LOCALS~1\protect.dll [2009-05-23 23552]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
    ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\WINDOWS\system32\palozora.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Video3D.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Video3D.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableRegistryTools"=1
    "DisableTaskMgr"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\GameFace Messenger\GameFace.exe"="C:\Program Files\GameFace Messenger\GameFace.exe:*:Enabled:IM"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
    "C:\WINDOWS\Temp\beajxxl7.exe"="C:\WINDOWS\Temp\beajxxl7.exe:*:Enabled:beajxxl7"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
    "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:rundll32"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d73d3398-4239-11de-acd1-000e35a670f9}]
    shell\Auto\command - H:\PegeFile.pif
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PegeFile.pif

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df824f9a-4629-11de-ace0-000e35a670f9}]
    shell\AutoRun\command - "H:\Install FreeAgent Tools.exe" /run


    ======List of files/folders created in the last 1 months======

    2009-05-23 19:55:52 ----ASH---- C:\WINDOWS\system32\autochk.dll
    2009-05-23 19:55:51 ----A---- C:\WINDOWS\system32\lmn_setup.exe
    2009-05-22 19:59:15 ----A---- C:\WINDOWS\system32\lklf32.dll
    2009-05-22 19:59:09 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-05-22 16:41:02 ----D---- C:\Documents and Settings\Alain\Application Data\dvdcss
    2009-05-22 09:58:12 ----A---- C:\WINDOWS\system32\jhxm32.dll
    2009-05-22 09:27:40 ----A---- C:\WINDOWS\system32\vp_setup.exe.bat
    2009-05-22 09:27:38 ----A---- C:\WINDOWS\system32\vp_setup.exe
    2009-05-22 08:57:37 ----A---- C:\WINDOWS\system32\avast!Antivirus.exe
    2009-05-21 20:01:27 ----D---- C:\Documents and Settings\Alain\Application Data\vlc
    2009-05-21 20:00:54 ----D---- C:\Program Files\VideoLAN
    2009-05-21 02:07:05 ----D---- C:\Documents and Settings\Alain\Application Data\DivX
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-05-20 14:05:56 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 14:05:56 ----D---- C:\Program Files\DivX
    2009-05-20 09:40:21 ----A---- C:\WINDOWS\system32\service-466.exe
    2009-05-18 18:40:39 ----D---- C:\Program Files\Avira
    2009-05-18 18:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-05-18 18:24:04 ----D---- C:\_OTMoveIt
    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\VACFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2009-05-06 00:26:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swsc.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\swreg.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\Process.exe
    2009-05-06 00:26:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5

    ======List of files/folders modified in the last 1 months======

    2009-05-24 06:42:08 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-23 19:46:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 avast!Antivirus;avast!Antivirus; C:\WINDOWS\System32\avast!Antivirus.exe [2009-05-22 32768]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------
    25 May 2009 13:08:52

    Hello again,

    Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Oui.
  • The program will ask whether you want to install the Recovery Console. This is a precaution in case the computer breaks down. I therefore advise you to install it; it costs nothing, and it could potentially come in handy!
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.
    25 May 2009 19:16:25

    So I did what you said; however, it asked me to restart, which I did (no choice). On restart, Windows ran a check of the hard disks, then during startup, before reaching the desktop, Avira detected quite a few things, and ComboFix carried out some tasks. At startup I no longer get the doctors malware message and I got my wallpaper back.

    Quote:
    ComboFix 09-05-24.07 - Alain 25/05/2009 19:08.1 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.705 [GMT 2:00]
    Lancé depuis: c:\documents and settings\Alain\Bureau\ComboFix.exe
    AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Alain\Application Data\BITS
    c:\documents and settings\Alain\Application Data\BITS\BITS.ini
    c:\documents and settings\Alain\Application Data\BITS\DHTTable.dat
    c:\documents and settings\Alain\Application Data\BITS\ProxyList.ini
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent.~tmp
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent.bits
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent.filelist
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent.hybridlist
    c:\documents and settings\Alain\Application Data\BITS\Torrent\20090511232216.torrent.seeds
    c:\documents and settings\Alain\Application Data\BITS\UPnP.ini
    c:\documents and settings\Alain\protect.dll
    c:\documents and settings\LocalService\Application Data\916653139.exe
    c:\documents and settings\LocalService\protect.dll
    c:\documents and settings\NetworkService\protect.dll
    c:\program files\FlashGet Network
    c:\program files\FlashGet Network\FlashGet universal\btcore.dll
    c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4a089708.torrent
    c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
    c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
    c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
    c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
    c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
    c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
    c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
    c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
    c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
    c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
    c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
    c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
    c:\program files\FlashGet Network\FlashGet universal\flashget.exe
    c:\program files\FlashGet Network\FlashGet universal\gt.exe
    c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
    c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
    c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
    c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
    c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
    c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
    c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
    c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
    c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
    c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
    c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\autochk.dll
    c:\windows\system32\avast!Antivirus.exe
    c:\windows\system32\config\systemprofile\protect.dll
    c:\windows\system32\drivers\ovfsthkpxrdylkdmttiviinaswveuwoexudpge.sys
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\jhxm32.dll
    c:\windows\system32\lklf32.dll
    c:\windows\system32\lmn_setup.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\ovfsthlmqwvivnangtjcixgmnojdrjqignajwu.dll
    c:\windows\system32\ovfsthlog.dat
    c:\windows\system32\ovfsthnpekwxdywvttofkcjrflbuyqqynqcykp.dat
    c:\windows\system32\ovfsthrexpjxbyqmmuuasflpgiggwvjynoxdqe.dat
    c:\windows\system32\ovfsthyqyswmgurlxroosvtbrxyjjbvfuwdupx.dll
    c:\windows\system32\ovfsthyxdmnevjkrxiiktohwnxhikhiiijrnab.dll
    c:\windows\system32\Process.exe
    c:\windows\system32\service-466.exe
    c:\windows\system32\sft.res
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\uniq.tll
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\vp_setup.exe
    c:\windows\system32\vp_setup.exe.bat
    c:\windows\system32\WS2Fix.exe
    C:\xcrashdump.dat
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_ovfsthkllrmfxwkberqvkaxholewboovwnvmas
    -------\Legacy_AVAST!ANTIVIRUS
    -------\Service_avast!Antivirus


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-25 au 2009-05-25 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-22 17:59 . 2004-08-05 12:00 25088 ----a-w c:\windows\system32\userinit.exe
    2009-05-22 17:59 . 2004-08-05 12:00 25088 ----a-w c:\windows\system32\dllcache\userinit.exe
    2009-05-22 14:41 . 2009-05-22 14:41 -------- d-----w c:\documents and settings\Alain\Application Data\dvdcss
    2009-05-21 18:01 . 2009-05-21 18:01 -------- d-----w c:\documents and settings\Alain\Application Data\vlc
    2009-05-21 18:00 . 2009-05-21 18:00 -------- d-----w c:\program files\VideoLAN
    2009-05-21 00:07 . 2009-05-21 00:07 -------- d-----w c:\documents and settings\Alain\Application Data\DivX
    2009-05-20 12:06 . 2009-04-15 20:25 120056 ------w c:\windows\system32\pxcpyi64.exe
    2009-05-20 12:06 . 2009-04-15 20:25 118520 ------w c:\windows\system32\pxinsi64.exe
    2009-05-20 12:05 . 2009-05-20 12:05 -------- d-----w c:\program files\Fichiers communs\DivX Shared
    2009-05-20 12:05 . 2009-05-20 12:05 -------- d-----w c:\program files\DivX
    2009-05-18 16:40 . 2008-05-09 10:15 45376 ----a-w c:\windows\system32\drivers\avgntdd.sys
    2009-05-18 16:40 . 2008-01-21 15:11 22336 ----a-w c:\windows\system32\drivers\avgntmgr.sys
    2009-05-18 16:40 . 2008-10-30 08:21 75072 ----a-w c:\windows\system32\drivers\avipbb.sys
    2009-05-18 16:40 . 2009-05-18 16:40 -------- d-----w c:\program files\Avira
    2009-05-18 16:40 . 2009-05-18 16:40 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
    2009-05-18 16:24 . 2009-05-18 16:24 -------- d-----w C:\_OTMoveIt
    2009-05-17 17:37 . 2009-05-17 17:37 -------- d-----w c:\program files\trend micro
    2009-05-17 17:37 . 2009-05-17 17:37 -------- d-----w C:\rsit
    2009-05-14 21:14 . 2009-03-19 14:32 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-05-14 21:14 . 2008-04-17 10:12 107368 ----a-w c:\windows\system32\GEARAspi.dll
    2009-05-14 21:14 . 2009-05-14 21:14 -------- d-----w c:\program files\iPod
    2009-05-14 21:14 . 2009-05-14 21:14 -------- d-----w c:\program files\iTunes
    2009-05-14 21:14 . 2009-05-14 21:14 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 21:14 . 2009-05-14 21:14 -------- d-----w c:\program files\Bonjour
    2009-05-14 21:13 . 2009-05-14 21:13 -------- d-----w c:\program files\QuickTime
    2009-05-12 19:46 . 2009-05-12 19:46 -------- d-----w c:\program files\CCleaner
    2009-05-10 18:32 . 2009-05-10 18:32 -------- d-----w c:\program files\Alwil Software
    2009-05-10 18:16 . 2009-05-10 18:16 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-06 18:19 . 2009-05-06 18:19 -------- d-----w c:\program files\Spybot - Search & Destroy
    2009-05-06 18:19 . 2009-05-06 18:19 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-05 22:58 . 2009-03-24 14:08 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
    2009-05-05 22:33 . 2009-05-05 22:33 -------- d-----w c:\documents and settings\Alain\Application Data\Malwarebytes
    2009-05-05 22:32 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-05 22:32 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-05 22:32 . 2009-05-05 22:32 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-05 22:32 . 2009-05-05 22:32 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-05-05 19:37 . 2009-05-05 19:37 -------- d-----w c:\documents and settings\Alain\Local Settings\Application Data\ESET
    2009-04-30 12:42 . 2009-04-30 12:42 -------- d-----w c:\program files\Guitar Pro 5

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-19 20:31 . 2009-03-29 16:04 13312 ----a-w c:\documents and settings\Alain\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-05-12 20:09 . 2009-05-12 20:09 -------- d-----w c:\program files\Winamp
    2009-05-12 20:09 . 2009-05-12 20:09 -------- d-----w c:\documents and settings\Alain\Application Data\Winamp
    2009-05-07 22:00 . 2009-03-29 14:43 94208 ----a-w c:\windows\DUMP591c.tmp
    2009-04-23 13:00 . 2009-04-23 12:58 269705 ----a-w c:\program files\unins000.dat
    2009-04-23 12:59 . 2009-04-23 12:59 -------- d-----w c:\program files\Adobe Photoshop CS3
    2009-04-23 12:58 . 2009-04-23 12:58 724432 ----a-w c:\program files\unins000.exe
    2009-04-22 16:56 . 2009-04-22 16:56 -------- d-----w c:\documents and settings\Alain\Application Data\Canon
    2009-04-22 16:30 . 2009-04-22 16:30 -------- d-----w c:\program files\Canon
    2009-04-17 14:26 . 2009-04-17 14:26 -------- d-----w c:\documents and settings\Alain\Application Data\AdobeUM
    2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w c:\windows\system32\dpl100.dll
    2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx0c.dll
    2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx07.dll
    2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w c:\windows\system32\divx_xx0a.dll
    2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w c:\windows\system32\divx_xx11.dll
    2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w c:\windows\system32\DivX.dll
    2009-04-03 22:24 . 2009-04-03 22:24 -------- d-----w c:\documents and settings\Alain\Application Data\Apple Computer
    2009-04-03 22:23 . 2009-04-03 22:23 -------- d-----w c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-04-03 22:23 . 2009-04-03 22:23 -------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
    2009-04-03 22:22 . 2009-04-03 22:22 -------- d-----w c:\program files\Fichiers communs\Apple
    2009-04-03 22:22 . 2009-04-03 22:22 -------- d-----w c:\documents and settings\All Users\Application Data\Apple
    2009-04-02 14:29 . 2009-04-02 14:29 75048 ----a-w c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
    2009-03-29 20:24 . 2009-03-29 20:24 159726 ----a-w c:\windows\Marsu-Fix 2.6 Uninstaller.exe
    2009-03-29 20:21 . 2009-03-29 20:21 -------- d-----w c:\documents and settings\Alain\Application Data\ESET
    2009-03-29 20:19 . 2009-03-29 20:19 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
    2009-03-29 20:04 . 2009-03-29 20:04 167376 ----a-w c:\documents and settings\Alain\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\FlashGot.exe
    2009-03-29 16:18 . 2009-03-29 16:18 -------- d-----w c:\program files\Microsoft
    2009-03-29 16:18 . 2009-03-29 16:18 -------- d-----w c:\program files\Windows Live SkyDrive
    2009-03-29 16:17 . 2009-03-29 16:17 -------- d-----w c:\program files\Windows Live
    2009-03-29 16:14 . 2009-03-29 16:14 -------- d-----w c:\program files\Fichiers communs\Windows Live
    2009-03-29 16:09 . 2009-03-29 16:09 0 ----a-w c:\windows\nsreg.dat
    2009-03-29 15:53 . 2009-03-29 15:53 -------- d-----w c:\program files\CyberLink
    2009-03-29 15:53 . 2009-03-29 15:53 -------- d-----w c:\program files\ASUSTek
    2009-03-29 15:53 . 2009-03-29 15:53 -------- d-----w c:\program files\Fichiers communs\LightScribe
    2009-03-29 15:51 . 2009-03-29 15:51 -------- d-----w c:\documents and settings\Alain\Application Data\Ahead
    2009-03-29 15:48 . 2009-03-29 15:48 -------- d-----w c:\program files\Nero
    2009-03-29 15:48 . 2009-03-29 15:48 -------- d-----w c:\program files\Fichiers communs\Ahead
    2009-03-29 15:48 . 2009-03-29 15:48 -------- d-----w c:\documents and settings\All Users\Application Data\Nero
    2009-03-29 15:23 . 2009-03-29 15:31 -------- d-----w c:\documents and settings\Alain\Application Data\Intel
    2009-03-29 15:23 . 2009-03-29 15:23 -------- d-----w c:\documents and settings\Administrateur\Application Data\Intel
    2009-03-29 15:23 . 2009-03-29 15:23 17801 ----a-w c:\windows\system32\drivers\AegisP.sys
    2009-03-29 15:22 . 2009-03-29 15:22 -------- d-----w c:\documents and settings\All Users\Application Data\Intel
    2009-03-29 15:21 . 2009-03-29 15:21 503808 ----a-w c:\windows\Asus_A6_ScreenSaver.scr
    2009-03-29 15:21 . 2009-03-29 15:21 606848 ----a-w c:\windows\flashax.exe
    2009-03-29 15:21 . 2009-03-29 15:21 12288 ----a-w c:\windows\impborl.dll
    2009-03-29 15:20 . 2004-09-20 16:47 49054 ----a-w c:\windows\system32\perfc00C.dat
    2009-03-29 15:20 . 2004-09-20 16:47 368314 ----a-w c:\windows\system32\perfh00C.dat
    2009-03-29 15:20 . 2009-03-29 15:20 -------- d-----w c:\program files\ATI Technologies
    2009-03-29 15:20 . 2009-03-29 15:20 -------- d-----w c:\program files\CONEXANT
    2009-03-29 15:19 . 2009-03-29 15:19 -------- d-----w c:\program files\GameFace Messenger
    2009-03-29 15:19 . 2009-03-29 15:19 737280 ----a-w c:\windows\iun6002.exe
    2009-03-29 15:14 . 2009-03-29 15:31 -------- d-----w c:\documents and settings\Alain\Application Data\Symantec
    2009-03-29 15:14 . 2009-03-29 15:14 -------- d-----w c:\documents and settings\Administrateur\Application Data\Symantec
    2009-03-29 15:14 . 2009-03-29 15:14 -------- d-----w c:\documents and settings\All Users\Application Data\Symantec
    2009-03-29 15:10 . 2009-03-29 15:10 -------- d-----w c:\program files\Intel
    2009-03-29 15:08 . 2009-03-29 15:08 -------- d-----w c:\program files\Synaptics
    2009-03-29 15:07 . 2009-03-29 15:07 -------- d-----w c:\program files\ASUS
    2009-03-29 15:04 . 2009-03-29 15:04 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-03-29 15:04 . 2009-03-29 15:04 -------- d-----w c:\program files\Realtek
    2009-03-29 15:04 . 2009-03-29 15:04 -------- d-----w c:\program files\Fichiers communs\InstallShield
    2009-03-29 15:03 . 2009-03-29 15:03 -------- d-----w c:\program files\Fichiers communs\Adobe
    2009-03-29 15:03 . 2009-03-29 15:03 -------- d-----w c:\documents and settings\All Users\Application Data\SBSI
    2009-03-29 15:03 . 2009-03-29 14:56 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-03-29 14:57 . 2009-03-29 14:57 -------- d-----w c:\program files\microsoft frontpage
    2009-03-29 14:55 . 2009-03-29 14:55 -------- d-----w c:\program files\Services en ligne
    2009-03-29 14:54 . 2009-03-29 14:54 21892 ----a-w c:\windows\system32\emptyregdb.dat
    2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
    2009-03-05 21:59 . 2009-04-03 22:22 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
    2009-03-05 21:59 . 2009-04-03 22:22 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
    2007-04-18 00:24 . 2009-04-23 12:58 44814336 ----a-w c:\program files\Photoshop.exe
    2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HControl"="c:\windows\ATK0100\HControl.exe" [2005-07-28 102400]
    "ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032]
    "Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2005-06-16 86016]
    "NB Probe"="c:\program files\ASUS\NB Probe\NBProbe.exe" [2005-07-27 765952]
    "Wireless Console"="c:\program files\ASUS\Wireless Console\wcourier.exe" [2005-07-22 57344]
    "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-21 98394]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-30 344064]
    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-05-31 401408]
    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-06-02 385024]
    "EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2005-05-31 356352]
    "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-12 32768]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-04-10 37888]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-09-06 14850560]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

    c:\documents and settings\Alain\Menu Démarrer\Programmes\Démarrage\
    ChkDisk.lnk - c:\windows\system32\rundll32.exe [2004-9-20 33792]

    c:\documents and settings\Alain\Menu Démarrer\Programmes\Démarrage\
    ChkDisk.lnk - c:\windows\system32\rundll32.exe [2004-9-20 33792]

    c:\documents and settings\Alain\Menu Démarrer\Programmes\Démarrage\
    ChkDisk.lnk - c:\windows\system32\rundll32.exe [2004-9-20 33792]

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    ASUS ChkMail.lnk - c:\program files\ASUS\Asus ChkMail\ChkMail.exe [2009-3-29 32768]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSetActiveDesktop"= 1 (0x1)
    "NoActiveDesktopChanges"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
    2005-05-31 20:46 110592 ----a-w c:\program files\Intel\Wireless\Bin\LgNotify.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "d:\\Program Files\\Steam\\steamapps\\aloun3@hotmail.com\\counter-strike\\hl.exe"=

    R0 R592;R592;c:\windows\system32\drivers\R592.sys [29/03/2009 16:34 57088]
    R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [29/03/2009 16:34 27264]
    R2 Eset_TrialReset_serv;Eset TrialReset;c:\windows\Eset_TrialReset_serv.exe [27/07/2008 12:27 69632]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{F30B5E7E-CFBB-44fb-A947-226E5A7A4290} - jhxm32.dll
    HKU-Default-Run-autochk - c:\docume~1\NETWOR~1\protect.dll
    SafeBoot-procexp90.Sys
    SafeBoot-Video3D.sys


    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.asus.com
    uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/
    uInternet Settings,ProxyOverride = *.local
    IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    FF - ProfilePath - c:\documents and settings\Alain\Application Data\Mozilla\Firefox\Profiles\z6a4wxys.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.Fr

    ---- PARAMETRES FIREFOX ----
    FF - user.js: yahoo.homepage.dontask - true.

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-25 19:12
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(1076)
    c:\windows\system32\Ati2evxx.dll
    c:\program files\Intel\Wireless\Bin\LgNotify.dll

    - - - - - - - > 'explorer.exe'(2512)
    c:\windows\system32\msi.dll
    c:\windows\system32\shdoclc.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\SYSTEM32\ATI2EVXX.EXE
    c:\program files\INTEL\WIRELESS\BIN\EVTENG.EXE
    c:\program files\INTEL\WIRELESS\BIN\S24EVMON.EXE
    c:\windows\SYSTEM32\ATI2EVXX.EXE
    c:\program files\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
    c:\program files\INTEL\WIRELESS\BIN\1XCONFIG.EXE
    c:\windows\ATK0100\ATKOSD.EXE
    c:\program files\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
    c:\program files\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
    c:\windows\ATKKBSERVICE.EXE
    c:\program files\BONJOUR\MDNSRESPONDER.EXE
    c:\program files\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE
    c:\program files\INTEL\WIRELESS\BIN\OPROTSVC.EXE
    c:\program files\INTEL\WIRELESS\BIN\REGSRVC.EXE
    c:\program files\ASUS\NB PROBE\SPM\SPMGR.EXE
    c:\windows\SYSTEM32\WDFMGR.EXE
    c:\windows\SYSTEM32\WSCNTFY.EXE
    c:\program files\IPOD\BIN\IPODSERVICE.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2009-05-25 19:13 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-05-25 17:13

    Avant-CF: 72 063 614 976 octets libres
    Après-CF: 72 033 697 792 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

    539


    Now I don't know yet whether the symptoms have disappeared.
    25 May 2009 20:06:13

    Re,

    Run an online antivirus scan with Kaspersky using Internet Explorer.

  • Allow the ActiveX controls.
  • Click Démarrer Online Scanner (Start Online Scanner).
  • Select My Computer as the scan area. Save the report in .txt format.
  • Paste its report here.
  • Post a new HijackThis report.

    Help: How to run an online scan with Kaspersky.
    25 May 2009 23:59:25

    Kaspersky
    Quote:
    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0 REPORT
    Monday, May 25, 2009
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Program database last update: Monday, May 25, 2009 19:46:13
    Records in database: 2243785
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    F:\
    G:\

    Scan statistics:
    Files scanned: 44688
    Threat name: 1
    Infected objects: 1
    Suspicious objects: 0
    Duration of the scan: 02:00:27


    File name / Threat name / Threats count
    C:\_OTMoveIt\MovedFiles\05202009_213449\WINDOWS\system32\__c00AEE56.dat Infected: Trojan-Downloader.Win32.Clopack.dc 1

    The selected area was scanned.



    RSIT
    Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-25 23:58:53
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 68 GB (81%) free of 84 GB
    Total RAM: 1023 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:59:00, on 25/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\trend micro\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: ChkDisk.lnk = ? (User 'SYSTEM')
    O4 - .DEFAULT Startup: ChkDisk.lnk = ? (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 8030 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-25 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-25 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-25 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
    ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-05-25 20:22:17 ----D---- C:\WINDOWS\Sun
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-05-25 20:21:49 ----D---- C:\Program Files\Java
    2009-05-25 20:20:47 ----D---- C:\Documents and Settings\Alain\Application Data\Sun
    2009-05-25 19:13:38 ----D---- C:\WINDOWS\temp
    2009-05-25 19:13:36 ----A---- C:\ComboFix.txt
    2009-05-25 18:16:02 ----A---- C:\Boot.bak
    2009-05-25 18:16:00 ----RASHD---- C:\cmdcons
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\zip.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWSC.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWREG.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\sed.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\PEV.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\grep.exe
    2009-05-25 18:14:43 ----D---- C:\WINDOWS\ERDNT
    2009-05-25 18:14:40 ----D---- C:\Qoobox
    2009-05-22 19:59:09 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-05-22 16:41:02 ----D---- C:\Documents and Settings\Alain\Application Data\dvdcss
    2009-05-21 20:01:27 ----D---- C:\Documents and Settings\Alain\Application Data\vlc
    2009-05-21 20:00:54 ----D---- C:\Program Files\VideoLAN
    2009-05-21 02:07:05 ----D---- C:\Documents and Settings\Alain\Application Data\DivX
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-05-20 14:05:56 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 14:05:56 ----D---- C:\Program Files\DivX
    2009-05-18 18:40:39 ----D---- C:\Program Files\Avira
    2009-05-18 18:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-05-18 18:24:04 ----D---- C:\_OTMoveIt
    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5

    ======List of files/folders modified in the last 1 months======

    2009-05-25 19:12:20 ----A---- C:\WINDOWS\system.ini
    2009-05-25 19:07:54 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-25 18:16:04 ----RASH---- C:\boot.ini
    2009-05-23 19:46:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    R4 catchme;catchme; \??\C:\DOCUME~1\Alain\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-25 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------
    26 May 2009 13:41:51

    We should be finishing up now :) 

    Download HijackThis (from Trend Micro) to your Desktop.

  • Double-click HJTInstall.exe to start the installation.
  • Click Install.
  • Double-click the HijackThis shortcut that has just been created to launch it. (Right-click -> Run as administrator if on Vista)
  • Accept the licence by clicking Yes.

    &

    Choose Do a system scan only, then tick these lines (if still present):
    O4 - S-1-5-18 Startup: ChkDisk.lnk = ? (User 'SYSTEM')
    O4 - .DEFAULT Startup: ChkDisk.lnk = ? (User 'Default user')
    O4 - Startup: ChkDisk.lnk = ?

    Close all running applications (especially your web browser).
    Then Fix Checked!
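One way to triage the startup-folder entries in these reports, as an added example that is not part of the original thread: it cross-references HijackThis `O4 ... Startup:` lines with the RSIT startup-folder listing and reports shortcuts whose target is shown as `?`, that launch a generic host binary, or that appear in several startup scopes. The function names and the `GENERIC_HOSTS` list are assumptions of this example; the sample lines are excerpted from the logs quoted in the thread.

```python
import re
from collections import defaultdict

# Lines excerpted from the HijackThis and RSIT reports quoted in this thread.
SAMPLE_REPORT = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: ChkDisk.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: ChkDisk.lnk = ? (User 'Default user')
O4 - Startup: ChkDisk.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Démarrage
ChkDisk.lnk - C:\WINDOWS\system32\rundll32.exe
"""

# HijackThis startup-folder entry:
#   "O4 - [scope ]Startup: <name> = <target>[ (User '<user>')]"
HJT_STARTUP = re.compile(
    r"^O4 - (?:(?P<scope>.+?) )?Startup: (?P<name>.+?) = (?P<target>.*?)"
    r"(?: \(User '(?P<user>[^']*)'\))?$"
)

# RSIT startup-folder listing: "<name>.lnk - <target>"
RSIT_SHORTCUT = re.compile(r"^(?P<name>[^\\]+\.lnk) - (?P<target>.+)$", re.I)

# Binaries that only host other code, so the path alone says nothing about
# what actually runs. This list is an assumption of the example.
GENERIC_HOSTS = {"rundll32.exe", "regsvr32.exe", "cmd.exe",
                 "wscript.exe", "cscript.exe", "mshta.exe"}


def parse_startup_items(report):
    """Collect startup shortcuts from both report formats.

    Returns {shortcut name: {"scopes": [str, ...], "targets": set(str)}}.
    Scopes come from HijackThis only; targets are merged from both tools.
    """
    items = defaultdict(lambda: {"scopes": [], "targets": set()})
    for raw in report.splitlines():
        line = raw.strip()
        m = HJT_STARTUP.match(line)
        if m:
            scope = m.group("user") or m.group("scope") or "current user"
            items[m.group("name")]["scopes"].append(scope)
            items[m.group("name")]["targets"].add(m.group("target"))
            continue
        m = RSIT_SHORTCUT.match(line)
        if m:
            items[m.group("name")]["targets"].add(m.group("target"))
    return items


def review(report):
    """Return [(shortcut name, [reasons])] for entries worth a manual look."""
    findings = []
    for name, item in sorted(parse_startup_items(report).items()):
        reasons = []
        if "?" in item["targets"]:
            reasons.append("target shown as '?' in the HijackThis log")
        images = {t.rsplit("\\", 1)[-1].lower() for t in item["targets"]}
        hosts = sorted(images & GENERIC_HOSTS)
        if hosts:
            reasons.append("launches generic host %s; its arguments are "
                           "not shown in the report" % ", ".join(hosts))
        if len(item["scopes"]) > 1:
            reasons.append("present in %d startup scopes: %s"
                           % (len(item["scopes"]), ", ".join(item["scopes"])))
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in review(SAMPLE_REPORT):
        print(name)
        for reason in reasons:
            print("  -", reason)
```

A flagged entry is a prompt for manual review of the shortcut itself, not a verdict: the reports do not include the shortcut's arguments.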
    26 May 2009 20:29:08

    There, it's done. Is there anything I can do to check that everything is in order?

    27 May 2009 19:25:00

    Run one last RSIT scan.
    27 May 2009 23:43:17

    Quote:
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Alain at 2009-05-27 23:42:59
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 68 GB (81%) free of 84 GB
    Total RAM: 1023 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:43:04, on 27/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Eset_TrialReset_serv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Alain\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Alain.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset TrialReset (Eset_TrialReset_serv) - Everstrike Software - C:\WINDOWS\Eset_TrialReset_serv.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 7995 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-25 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-25 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-21 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-30 344064]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-25 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-08-30 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\aloun3@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-05-25 20:22:17 ----D---- C:\WINDOWS\Sun
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-25 20:22:04 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-05-25 20:21:49 ----D---- C:\Program Files\Java
    2009-05-25 20:20:47 ----D---- C:\Documents and Settings\Alain\Application Data\Sun
    2009-05-25 19:13:38 ----D---- C:\WINDOWS\temp
    2009-05-25 19:13:36 ----A---- C:\ComboFix.txt
    2009-05-25 18:16:02 ----A---- C:\Boot.bak
    2009-05-25 18:16:00 ----RASHD---- C:\cmdcons
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\zip.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWSC.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\SWREG.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\sed.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\PEV.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-05-25 18:14:50 ----A---- C:\WINDOWS\grep.exe
    2009-05-25 18:14:43 ----D---- C:\WINDOWS\ERDNT
    2009-05-25 18:14:40 ----D---- C:\Qoobox
    2009-05-22 19:59:09 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-05-22 16:41:02 ----D---- C:\Documents and Settings\Alain\Application Data\dvdcss
    2009-05-21 20:01:27 ----D---- C:\Documents and Settings\Alain\Application Data\vlc
    2009-05-21 20:00:54 ----D---- C:\Program Files\VideoLAN
    2009-05-21 02:07:05 ----D---- C:\Documents and Settings\Alain\Application Data\DivX
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-05-20 14:06:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-05-20 14:05:56 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 14:05:56 ----D---- C:\Program Files\DivX
    2009-05-18 18:40:39 ----D---- C:\Program Files\Avira
    2009-05-18 18:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-05-18 18:24:04 ----D---- C:\_OTMoveIt
    2009-05-17 19:37:16 ----D---- C:\Program Files\trend micro
    2009-05-17 19:37:15 ----D---- C:\rsit
    2009-05-14 23:14:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-14 23:14:22 ----D---- C:\Program Files\iPod
    2009-05-14 23:14:20 ----D---- C:\Program Files\iTunes
    2009-05-14 23:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-14 23:14:12 ----D---- C:\Program Files\Bonjour
    2009-05-14 23:13:42 ----D---- C:\Program Files\QuickTime
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-05-12 22:09:09 ----N---- C:\WINDOWS\system32\px.dll
    2009-05-12 22:09:07 ----D---- C:\Program Files\Winamp
    2009-05-12 22:09:07 ----D---- C:\Documents and Settings\Alain\Application Data\Winamp
    2009-05-12 21:46:22 ----D---- C:\Program Files\CCleaner
    2009-05-10 20:32:03 ----D---- C:\Program Files\Alwil Software
    2009-05-10 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-05-08 11:19:14 ----D---- C:\WINDOWS\Minidump
    2009-05-06 23:11:00 ----A---- C:\WINDOWS\wininit.ini
    2009-05-06 20:19:56 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-06 20:19:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-06 00:49:22 ----D---- C:\WINDOWS\system32\appmgmt
    2009-05-06 00:33:08 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
    2009-05-06 00:32:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-06 00:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-06 00:27:16 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-05-06 00:27:00 ----A---- C:\rapport.txt
    2009-04-30 14:42:07 ----D---- C:\Program Files\Guitar Pro 5

    ======List of files/folders modified in the last 1 months======

    2009-05-27 15:52:48 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-26 22:29:28 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-25 19:12:20 ----A---- C:\WINDOWS\system.ini
    2009-05-25 18:16:04 ----RASH---- C:\boot.ini
    2009-05-08 00:00:00 ----A---- C:\WINDOWS\DUMP591c.tmp

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-29 17801]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-30 1333760]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-02-17 638720]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-30 376832]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Eset_TrialReset_serv;Eset TrialReset; C:\WINDOWS\Eset_TrialReset_serv.exe [2008-07-27 69632]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-25 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

    -----------------EOF-----------------
    28 May 2009 00:09:41

    Well, that sure makes for a lot of blah-blah ^^"
    28 May 2009 17:38:43

    Are you still having any problems?
    29 May 2009 12:56:44

    None, thanks a lot,
    =D
    29 May 2009 17:18:03

    No, it seems OK! At the same time, my problem with iTunes also got fixed =)
    Thank you!
    29 May 2009 17:45:50

    All the best ;)